John Paul M. Joaquin Tech 02.21.2022 21:Feb PM EST

Cybersecurity Warning: Blackberry Warns of Cybercriminals Sharing Malware for Bigger, Targeted Attacks

Small-to-medium businesses (SMBs) may want to step up their cybersecurity as soon as they can after reading this warning.

According to the 2022 Threat Report from Blackberry, the cybercriminal underground has been optimized to target SMBs better. This optimization means cybercriminals now share resources, take advantage of cloud technology creatively, and have better infrastructure to steal identities and cause anarchy among SMBs, as per TechRadar's article.

Eric Milam, Vice President of Research and Intelligence for Blackberry, elaborated in the report, saying that cybercriminals' infrastructure "evolved" until it was optimized to deliver more "timely and personalized deceptions to the public." He also added that cybercriminals have been sharing and outsourcing malware to execute attacks at scale.

"In fact, some of the biggest cyber incidents of 2021 look to have been the result of this outsourcing," Milam added.

Blackberry's report also mentioned that cybercriminals can attack SMBs at scale due to their adoption of old tactics like phishing and watering hole attacks. The threat of these attacks is compounded by the rising popularity of the Metaverse and increased augmented reality solutions.

Additionally, they can also insert malware into public cloud platforms such as Amazon Web Services, Microsoft's Azure and Google Cloud Platform cheaply. According to Blackberry's report, the majority of the "payloads" cybercriminals put into public cloud platforms are "malleable". As such, they are customizable without incurring high expenses.

Cybersecurity Warning: Why Small Businesses?

Terry Cutler, Montreal's Cyology Labs, explained in his guest appearance in IT World Canada's podcast called "Cybersecurity Today" that SMBs are mainly targeted due to their lack of time, resources or money to invest in cybersecurity.

"[SMBs] see no value in it because they believe they're not a target. Or there's too much technobabble," Cutler said. "They don't understand when the IT department is trying to talk to them. Management only sees a price tag. They don't want to be educated on the problem or how it could be prevented."

Blackberry predicts that SMBs will continue to be an epicenter for cybercriminal focus as they face more than 11 cyber threats per device per day--a figure that will further increase in the future as cybercriminals adopt collaborative mindsets.

How to Protect Your Business

The good news is that more SMBs are taking cybersecurity more seriously than before, with a significant rise in the amount of money spent on their IT security budget, per Kaspersky's report on the matter. In fact, 62 percent of SMBs said cybersecurity is one of their priorities.

Kaspersky added that SMBs should have a perimeter defense with multilayered security to prevent cybercriminals' malicious codes from reaching their networks. This multilayer security means using multiple security solutions together. Kaspersky advised companies to install antivirus software on each device that's connected to the business' network and encrypt data in storage and when sent across the internet as part of having multilayered security.

The popular anti-virus provider also suggested to SMB owners to get cybersecurity training and expertise on the matter to further improve their protection from cybercriminals.

Zen Business also pointed out the importance of using antivirus software to protect devices connected to an SMB's network in their article on how to protect SMBs from cyber attacks. They also mentioned avoiding easily guessed passwords, backing up devices, and using a VPN as well as two-factor authentication to improve their business' cybersecurity.